In Case You Missed It...The Week of January 23, 2006

Pro-PHP Podcast Teams with php|Architect

Marcus Whitney and Chris Cornutt (aka enygma) will be banding together with the team of php|architect to produce an even better version of the popular podcast, Pro-PHP. The new and improved version promises to be of better listening quality and more regularity, with Chris providing news every two weeks, and Marcus providing live interviews (yes, that's right - live!). For feedback or suggestions on topics or formats, you can either visit Chris' blog (http://blog.phpdeveloper.org/), Marcus' blog (http://www.marcuswhitney.com/ or the new podcast home page (http://www.pro-php.com) Here, you can also see a list of upcoming and previous shows. The next show will be January 27 with Andi Gutmans at 1pm EST. Good luck with the new format guys!

WASP Framework for PHP5

I had planned to call this section "WASP Creates a Buzz", if only to compete with Slashdot's ("Taking the Sting Out of PHP5 Programming"), but decided that was too cheesy even for me. I am of course referring to the recent article on O'Reilly's ONLAMP PHP Dev Center, written by Brian Fioca on WASP (Web Application Structure for PHP). This article provides a nice tutorial and intro to using WASP, and seems to be popping up everywhere. If you have 5 minutes and want to play with a new framework, you can download WASP at Sourceforge (http://sourceforge.net/project/showfiles.php?group_id=140810) and the article can be found here: http://www.onlamp.com/pub/a/php/2006/01/19/wasp_intro.html.

Minor Security Alert for TYPO3

Secunia.com reports that there is a minor, yet unpatched bug in TYPO3 3.x which can reveal the full path to thumbs.php. Simple enough to fix, but if you'd like to read the whole advisory go to http://secunia.com/advisories/18546/.

Multi-Byte Charset Users Listen Up!

Chris Shiflett (http://shiflett.org/archive/184) and Ilia Alshanetsky (http://ilia.ws/index.php) offer us tag-team blog posts describing why addslashes() and mysql_real_escape_string() are not 100% bulletproof to SQL injection attacks, when you are using a multi-byte character set. If this is you, take a quick look to make sure you're covered.

The Future of Ning?

In a blog post that is getting quite a bit of attention, Michael Arrington (http://www.techcrunch.com/2006/01/20/ning-rip/) argues that Ning has met its demise, and gives several reasons backing up his opinion (namely the required hosting, the difficulties if you don't know PHP or HTML, the lack of communication from its own developers and the non-support of API's). While the post is interesting, and brings up some valid points, the thing I find most intriguing is the response from the Ning developers in the comments thread. I've seen other posts' comments get ugly and it does my heart good to know that the Ning development team is taking the criticisms well and actually doing something about it. Especially in the communication department; you can now read about "what's coming up with Ning" and a quick way to integrate Google Maps in their own dev blog (http://blog.ning.com/). Long live Ning!

Smarty 2.6.12 Released

This is a very minor release (only 3 changes) but you may as well upgrade, as it fixes some compatibility issues with the latest version of PHP. To download or see the changelog, visit Smarty's site at http://smarty.php.net/.

PEAR/PECL Releases

I would be remiss in my duties if I didn't include what's new at PEAR and PECL. Recent PEAR releases include: